Skip to content
This repository has been archived by the owner on Oct 6, 2022. It is now read-only.

update X-OIDC for requests #83

Open
aliak00 opened this issue May 8, 2018 · 2 comments
Open

update X-OIDC for requests #83

aliak00 opened this issue May 8, 2018 · 2 comments
Labels
bug Something isn't working question Further information is requested

Comments

@aliak00
Copy link
Contributor

aliak00 commented May 8, 2018

So, ok, the x-oidc header should only be sent to endpoints that handle it, which is only oauth/token

And then only for grant types that is supported in the oauth service
client_credentials, yes
authorization_code, not sure but think so
password, no
refresh_token, yes

New value: X-OIDC: v1 for the grants that are supported by oauth service.

@aliak00 aliak00 added the bug Something isn't working label May 8, 2018
@aliak00 aliak00 changed the title X-OIDC header not for all requests update X-OIDC for requests May 8, 2018
@joawan
Copy link
Member

joawan commented May 8, 2018

authorization_code works, but you won't get back a refresh token, unless you specify scope=offline_access during the authorization flow.

Will need to look into how that is handle on things like account pages, and other flows.

@aliak00 aliak00 added the good first issue Good for newcomers label Sep 11, 2018
@aliak00
Copy link
Contributor Author

aliak00 commented Sep 11, 2018

Better to wait till oauth service supports everything before starting or this'll be a half implementation.

After implementation. Must make sure the following scenarios work:

  1. login -> visit profile pages -> go back to app -> logout
  2. create user -> validate link - > visit profile pages -> go back to app -> logout
  3. login -> refresh tokens -> visit profile pages -> go back to app -> logout

@aliak00 aliak00 added question Further information is requested and removed good first issue Good for newcomers labels Sep 11, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Something isn't working question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants